WordPress Easy Newsletter Signups plugin <= 1.0.4 - Broken Access Control vulnerability
CVE-2023-41664
6.5MEDIUM
What is CVE-2023-41664?
The Easy Newsletter Signups plugin by AlphaBPO is susceptible to a missing authorization vulnerability that allows attackers to exploit improperly configured access control security levels. This could potentially enable unauthorized actions or data exposure, compromising user data integrity. Versions from n/a through 1.0.4 are at risk, emphasizing the need for immediate attention to security configurations.
Affected Version(s)
Easy Newsletter Signups <= 1.0.4